专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

51. 发明授权

US10778700B2 Malicious encrypted network traffic identification using fourier transform 有权
公开(公告)号：US10778700B2
公开(公告)日：2020-09-15
申请号：US15559328
申请日：2016-03-15
申请人： British Telecommunications Public Limited Company
发明人： Ben Azvine , Fadi El-Moussa , George Kallos
IPC分类号： H04L29/06 , G06F17/14
摘要： A method for identifying malicious encrypted network traffic communicated via a network between a first and second computer system, the method including: monitoring network traffic over the network to detect a network connection as a new network connection; identifying characteristics of the network connection to determine a protocol of the network connection; retrieving a definition of a portion of network traffic for a network connection based on the determined protocol; evaluating Fourier transform coefficient values for each of a plurality of bytes in a portion of network traffic of the new network connection based on the retrieved definition; and comparing the evaluated coefficient values with a dictionary of one or more reference sets of coefficients, each of the one or more reference sets of coefficients being associated with a portion of network traffic of a malicious encrypted network connection, so as to determine if malicious encrypted network traffic is communicated over the network connection.

52. 发明授权

US10733296B2 Software security 有权
公开(公告)号：US10733296B2
公开(公告)日：2020-08-04
申请号：US16065665
申请日：2016-12-22
申请人： British Telecommunications Public Limited Company
发明人： Fadi El-Moussa
IPC分类号： G06F21/56 , G06F21/53
摘要： A computer implemented method of detecting malicious code in a software application executing with a runtime environment in a computer system, the method including: receiving a definition of one or more runtime exception trigger conditions, each trigger condition defining criteria for the runtime environment to enter a software exception state and having associated a definition of a resulting state of the runtime environment having entered the exception state; monitoring the runtime environment to detect the satisfaction of a detected trigger condition by the runtime environment and, in response to a determination that the runtime environment fails to enter a resulting state associated with the detected trigger condition, identifying the software application as including malicious code.

53. 发明授权

US10594707B2 Learned profiles for malicious encrypted network traffic identification 有权
公开(公告)号：US10594707B2
公开(公告)日：2020-03-17
申请号：US15559346
申请日：2016-03-15
申请人： British Telecommunications Public Limited Company
发明人： Fadi El-Moussa , Ben Azvine , George Kallos
IPC分类号： H04L29/06 , G06F17/14 , G06N3/08
摘要： The disclosure relates to detection of malicious network communications. In one embodiment, a method for identifying malicious encrypted network traffic associated with a malware software component communicating via a network is disclosed. The method includes training a neural network based on images for extracted portions of network traffic such that subsequent network traffic can be classified by the neural network to identify malicious network traffic associated with malware based on an image generated to represent a defined portion of the subsequent network traffic.

54. 发明申请

US20190356691A1 HISTORIC DATA BREACH DETECTION 审中-公开
公开(公告)号：US20190356691A1
公开(公告)日：2019-11-21
申请号：US16473933
申请日：2017-12-19
申请人： British Telecommunications Public Limited Company
发明人： Fadi El-Moussa
IPC分类号： H04L29/06
摘要： A computer implemented method to detect a data breach in a network-connected computing system, the method including storing, at a trusted secure computing device, at least a portion of network traffic communicated with the computer system; the computing device generating a copy of data distributed across a network; the computing device identifying information about the network attack stored in the copy of the data; the computing device generating a signature for the network attack based on the information about the network attack, the signature including rules for identifying the network attack in network traffic; and identifying an occurrence of the network attack in the stored network traffic based on the signature.

55. 发明授权

US10419454B2 Malicious encrypted traffic inhibitor 有权
公开(公告)号：US10419454B2
公开(公告)日：2019-09-17
申请号：US15121015
申请日：2015-02-17
申请人： British Telecommunications Public Limited Company
发明人： Fadi El-Moussa , George Kallos , Ben Azvine
IPC分类号： H04L29/06
摘要： A malicious encrypted traffic inhibitor connected to a computer network is disclosed. A method for inhibiting malicious encrypted network traffic communicated via a computer network also is disclosed. The malicious encrypted traffic inhibitor and method utilize an estimated measure of entropy for a portion of network traffic communicated over a network connection via the computer network. The estimated measure of entropy is calculated as a measure of a degree of indeterminacy of information communicated via the network connection, such as an estimated measure of Shannon entropy, and then compared with a reference measure of entropy for malicious encrypted network traffic. If the estimated measure of entropy for traffic communicated via the computer network is sufficiently similar to the reference measure of entropy, a positive identification of malicious traffic on the computer network can be output.

56. 发明授权

US10205739B2 Security protocol monitoring 有权
公开(公告)号：US10205739B2
公开(公告)日：2019-02-12
申请号：US15303354
申请日：2015-04-08
申请人： British Telecommunications Public Limited Company
发明人： Fadi El-Moussa
IPC分类号： H04L29/06 , G06F21/57 , H04L12/26
摘要： Preventing unintentional communication of data over a network by monitoring an outbound memory buffer of a computer system, the outbound memory buffer storing outbound network messages, and in response to a detection of an outbound network message corresponding to a heartbeat response message, overwriting at least a portion of a payload of the heartbeat response message.

57. 发明授权

US09967284B2 Processing device and method of operation thereof 有权
公开(公告)号：US09967284B2
公开(公告)日：2018-05-08
申请号：US14758663
申请日：2013-12-31
申请人： BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY
发明人： Yair Diaz-Tellez , Fadi El-Moussa , Theo Dimitrakos , Abdullahi Arabo
IPC分类号： H04W12/08 , H04L29/06 , G06F21/62 , H04W88/02
CPC分类号： H04L63/20 , G06F21/6218 , G06F21/629 , H04L63/107 , H04W12/08 , H04W88/02
摘要： A processing device (10) includes a policy evaluation module (131) for evaluating policies associated with an item of data or an application and a dynamic context determination module (133) for determining contextual information associated with the current context of operation of the device and for providing the thus determined contextual information to the policy evaluation module. The device (10) further includes a policy enforcement module (135) for enforcing the evaluation specified by the policy evaluation module (131), wherein the device is operable to cause the policy evaluation module to evaluate a policy associated with an item of data or an application whenever the associated item of data or application is invoked and, additionally, whilst the associated item of data or application is active on the device and a notification of a change in the determined contextual information is received by the policy evaluation module.

58. 发明申请

US20140289864A1 METHOD AND APPARATUS FOR SECURING A COMPUTER 有权
标题翻译：用于安全计算机的方法和装置
公开(公告)号：US20140289864A1
公开(公告)日：2014-09-25
申请号：US14356285
申请日：2012-11-02
申请人： BRITISH TELECOMMUNICATIONS public limited company
发明人： Theo Dimitrakos , Fadi El-Moussa
IPC分类号： H04L29/06 , G06F21/12
CPC分类号： H04L63/02 , G06F21/121 , G06F21/53 , G06F21/572 , G06F21/575
摘要： A computer system (100) is arranged to run at east one user-oriented operating system (153) (e.g. Windows, LINUX, etc.) on which a plurality of user-oriented applications (152) (e.g. Word processor, web browser, spreadsheet application, etc.) may run, the computer system being further arranged to run a secondary program supporting environment (154), (155) (e.g. computer BIOS, Hypervisor, basic LINUX operating system micro-kernel, etc.). The computer system (100) is arranged to run the secondary program supporting environment (154), when the main user-oriented operating system is not miming in either or both of the following situations: prior to loading the main operating system at boot-up time of the system or when a user wishes to log back into his/her operating system after having previously logged out or having been logged out automatically and/or during a sleep mode of the computer system. The computer system (100) is arranged to run within the secondary program supporting environment an agent program or programs (157), (158) which are operable to communicate with one or more remote servers (300) to obtain security patches associated with the user-oriented operating system and/or the user-oriented applications.
摘要翻译：计算机系统（100）被布置为在东面上运行一个面向用户的操作系统（153）（例如Windows，LINUX等），在多个用户导向的应用（152）（例如，Word处理器，web浏览器，电子表格应用程序等）可以运行，计算机系统还被布置成运行辅助程序支持环境（154），（155）（例如计算机BIOS，管理程序，基本LINUX操作系统微内核等）。当主要面向用户的操作系统在以下情况之一或两者中不模仿时，计算机系统（100）被布置为运行辅助程序支持环境（154）：在启动时加载主操作系统之前系统的时间或者当用户希望在计算机系统的自动登录和/或在睡眠模式之后已经注销或者已经注销时希望登录他/她的操作系统。计算机系统（100）被布置为在辅助程序支持环境内运行代理程序（157），（158），其可操作以与一个或多个远程服务器（300）通信以获得与用户相关联的安全补丁面向操作系统和/或面向用户的应用程序。

59. 发明授权

US12093395B2 Application deployment 有权
公开(公告)号：US12093395B2
公开(公告)日：2024-09-17
申请号：US15733587
申请日：2019-03-04
申请人： British Telecommunications Public Limited Company
发明人： Fadi El-Moussa
IPC分类号： G06F21/57 , G06F8/60
CPC分类号： G06F21/577 , G06F8/60 , G06F2221/033
摘要： A computer implemented method of improved security of an application for deployment to a virtualized computing environment, the method including receiving configuration information for the application; accessing a set of configuration descriptors for a known security attack, each descriptor encoding at least a portion of an application configuration so as to identify one or more descriptors matching at least part of the configuration information, each descriptor in the set having a probability that the security attack will occur in a deployed application having a configuration consistent with the descriptor; evaluating a risk score for a risk of occurrence of the security attack, the risk score evaluated from the probabilities associated with the identified descriptors; identifying a set of compatible alternative configurations for the application; evaluating a risk score for a risk of occurrence of the security attack for each alternative configuration; selecting an alternative configuration having a risk score meeting a predetermined threshold; and adjusting the application configuration information to implement the selected alternative configuration.

60. 发明授权

US11924327B2 Variable data protection 有权
公开(公告)号：US11924327B2
公开(公告)日：2024-03-05
申请号：US17310015
申请日：2019-12-18
申请人： BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY
发明人： Fadi El-Moussa , Fabio Giubilo
IPC分类号： H04L9/06 , H04L9/08
CPC分类号： H04L9/065 , H04L9/0631 , H04L9/0643 , H04L9/085
摘要： Systems and methods of protecting data in a message for communication from a sender to a receiver, the sender and receiver sharing a secret including splitting the message into a number of ordered message blocks, the order being a proper order such that an aggregation of the blocks in the proper order constitutes the message; generating an encoded indication of a position of the block in the proper order of blocks, the encoding being reversible and based on at least a hash value for the block, a secret shared between the sender and the receiver, and a position of the block in the proper order; communicating the blocks and the encoded indications to the receiver, the blocks being communicated in an order different to the proper order so as to obfuscate the message, such that the blocks can be reassembled by the receiver in the proper order on the basis of the shared secret.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式